Security FAQ

Security FAQ  

I have no previous experience at all to deploy secure connected devices. If I buy C-Trust what is the learning curve?The main goal with C-Trust is to make it as simple as possible to add security to your products. To add a SBM (Secure Boot Manager) project to an application, set up keys and certificates and run on a development board should take a matter of minutes.

How can I find out if my device is supported in C-Trust
The list of devices that are supported can be found here C-Trust support is displayed in a separate column.

Do you get access to the Secure Boot Manager source code with the C-Trust license?
Yes, you do.

Can only MCUs with onboard unique IDs be used for security?
No. If a targeted MCU does not have a Unique ID, the Security Context can be configured such that a random number is generated as a substitute for the unique ID. Currently, most secure MCUs have a unique UUID included.

How extensive are the instructions and examples documented for these tools?
We have quick start guides and videos to help you get started quickly and a comprehensive manual detailing with all the various features and options of the tools.

Is C-Trust only useful for connected applications?
No, the environment is beneficial to anyone who wants to protect valuable IP from overproduction or counterfeiting.

What is “IP protection“ protecting?
“IP protection“ protects your software form unauthorized access by hackers or competitors. It is a confidentiality and integrity protection of your software. It prevents your software from being stolen during production or once your devices are in the field.

Why “IP protection“ is so important?
There are many reasons why your IP might be stolen e.g. a competitor who wants to reverse engineer your software. Another is a fraudulent manufacturer producing for the grey market. As the invest in your software is a value in your company, you should protect this IP.

How does “IP protection“ work?
“IP protection“ leverages topical asymmetric and symmetric crypto-algorithms to encrypt your software IP end-to-end. This means that between secure endpoints the software is never accessible in plain machine code. One secure endpoint is located inside the IoT device and uses the hardware security foundation, e.g. arm TrustZone-M, to protect the required cryptographic key. With this end-to-end security the other secure endpoint is located in the production equipment and tools provided by Secure Thingz.

Is “IP protection“ also protecting my software in the flash memory on the device?
Depending on the chosen MCU type the “IP protection“ encrypts also your software in the flash memory of your devices. Just when it is loaded for execution our SBM (Secure Boot Manager) decrypts the software for execution.

Can I update protected IP on a device once it is in the field?
Yes, the mechanism for IP protection can be applied to a software update package similar as they are applied on the initial software package.

 

© IAR Systems 1995-2019 - All rights reserved.

We use cookies on this website to provide you with a better experience. You need to accept cookies to continue using this site. Cookies